<?php
//dodeleteuser.php
//Changes user type from admin to user or user to admin

require_once("../login/class.session.php");
require_once("../functions.php");
require_once("../login/database.php");
if (!isset($session->logged_in) || !$session->logged_in) {
  header("Location: ../createaccount.php");
}

$userinfo = $session->userinfo;

if($_GET && isset($_GET['id'])){

  // Safe-ify ID
  $safe_id = sql_escape($_GET['id']);
  if(is_numeric($safe_id)){
    $safer_id = (int) $safe_id;
    
    // Make get the current state of the user
    $check = query_select("
      SELECT isadmin
      FROM user
      WHERE id = " . $safer_id
    );
    
    // If the user exists and is not an admin
    if(count($check) > 0 && $check[0]['isadmin'] == 0){
    
      // Delete user
      query_delete_by_id("user", $safer_id);
    
    }
    
  }
}

header('location: ../admin.php');
exit;



?>